alex/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2025-08-10 04:43:33 +00:00
Code Issues Packages Projects Releases Wiki Activity
16,957 Commits 21 Branches 167 Tags
9de1591660269bbf22d79971f1bb450a59811530
Commit Graph

9 Commits

Author SHA1 Message Date
Michael (XIAO Xufeng)
3b2e8648eb bootloader: create public bootloader_flash.h header 
Move non-public functions into bootloader_flash_priv.h header
 2020-09-19 10:52:02 +08:00
Angus Gratton
b26f93415e secure boot v2: Add anti-FI check that secure boot not enabled yet 
Prevent a fault from causing bootloader to trust the provided signature incorrectly.
 2020-04-24 15:03:31 +10:00
Angus Gratton
fc4b653729 secure boot v2: Don't check efuse BLK2 if only boot-time signature verification is enabled 2020-04-24 15:03:03 +10:00
Angus Gratton
fc0d6a99f8 secure boot v2: Don't log warnings when BLK2 is empty as expected 
If BLK2 is empty then it's OK to continue with a warning (otherwise it may spook users into thinking
something this is wrong, but this is the expected workflow.)

If BLK2 is not empty and doesn't match then we need to fail because it won't be possible to
trust the signature.
 2020-04-24 14:43:55 +10:00
Angus Gratton
d40c69375c bootloader: Add fault injection resistance to Secure Boot bootloader verification 
Goal is that multiple faults would be required to bypass a boot-time signature check.

- Also strengthens some address range checks for safe app memory addresses
- Change pre-enable logic to also check the bootloader signature before enabling SBV2 on ESP32

Add some additional checks for invalid sections:

- Sections only partially in DRAM or IRAM are invalid
- If a section is in D/IRAM, allow the possibility only some is in D/IRAM
- Only pass sections that are entirely in the same type of RTC memory region
 2020-02-27 14:37:19 +05:30
Supreet Deshpande
a9ccc5e5c8 feat/secure_boot_v2: Adding secure boot v2 support for ESP32-ECO3 2020-02-25 01:28:22 +05:30
morris
888316fc64 bootloader_support: refactor to better support multi target 2019-12-23 05:45:17 +00:00
Vikram Dattu
eb99b27f2e Bugfix: ota fails with secure boot on for image size greater than 3.2MB 
When an OTA image size is larger than 50 MMU pages (approx. 3.2 MB), secure_boot_generate fails while trying to map it into memory:
https://gitlab.espressif.cn:6688/idf/esp-idf/blob/master/components/bootloader_support/src/esp32/secure_boot.c#L72
Instead of trying to map the whole image, secure boot code should split the image into chunks and map them one by one, like it is done in esp_image_format.c:
https://gitlab.espressif.cn:6688/idf/esp-idf/blob/master/components/bootloader_support/src/esp_image_format.c#L372

Closes https://jira.espressif.com:8443/browse/IDF-709

Signed-off-by: Vikram Dattu <vikram.dattu@espressif.com>
 2019-07-01 20:04:15 +00:00
suda-morris
3f2d6a0891 make bootloader_support depend on IDF_TARGET 
1. move chip-specific code(e.g. encryption) into IDF_TARGET directory
2. splict app-only code to idf directory which won't be compiled into bootloader
 2019-04-16 17:37:56 +08:00